(Illustration by Gaich Muramatsu)
On Fri, Mar 19, 2004 at 12:04:11AM +0100, Ivan Popov wrote: > On Thu, 18 Mar 2004, Jan Harkes wrote: > > > the "realms" file do not work, unless they contain a dot '.' > > > Hostnames on my "domainless" net do not work either... > > > > Correct you need to have at least a single '.' in the realm name. This > > > It also makes the globally unique naming scheme actually _globally > > unique_. > > I really like the point. > My only "problem" was that I was not aware of this check. Well, the code used to append a '.' to the name we are searching for to prevent DNS from trying the locally defined search domains. But we found that that broke the /etc/hosts lookup on some systems. So now we're using an (undocumented?) special flag for the resolver library in combination with a test for at least a single '.' in the name. It really is nothing more than a simple heuristic and can still be fooled, i.e. any access to /coda/.foo, or /coda/a.foo will still trigger a useless DNS lookup that hits the rootservers. But that is in my mind a better solution than trying to hardcode acceptable top-level domains. I can envision that some day people might not want their Coda clients to connect to servers in a .pron domain. However, policies like that are probably better placed at a DNS proxy server on the firewall. I'm still not sure why ip-address based resolution failed. Maybe an older inverted test slipped back in with the IPv6 patches. JanReceived on 2004-03-18 22:33:21